• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

BSD Kernel ARP Cache Flooding Denial of Service Vulnerability

A vulnerability has been discovered in the BSD kernel. The problem occurs in the storage of ARP cache entries when handling ARP requests. As a result of this issue, an attacker capable of transmitted a large volume of spoofed ARP requests to a target system may be capable of triggering a system panic. This would effectively deny services to other legitimate users until the system is manually rebooted.

The issue is reported to exist in FreeBSD, IRIX and MacOS X. Other systems, which use a BSD-derived kernel, may also be prone to the issue.